Bamboo via Apache with SSL

I can't reply to this old forum discussing this topic:

This is less of a question and more of a contribution to the community of how I did it.

My web server is Apache and I only wanted to provide access to three services (Bamboo, Fisheye, and Jira) all through the same secure port, using different web contexts

  • myserver:443/bamboo
  • myserver:443/jira
  • myserver:443/fisheye

Jira and fisheye were relatively easy to set up because they use the tomcat container. Using mod proxy apache can communicate with these services over plain HTTP, and proxy port / proxy host settings take care of the rest.

Bamboo I had much trouble with. The old forum thread seemed overly complex. And one of the solutions wouldn't work for me because I do not expose Bamboo on a non-secure port.

In the end what solved it was to reconfigure Bamboo so that it loaded from the jetty.xml file. Then I reconfigured the server to publish on an SSL connector. Then I used Apache's SSL proxy to communicate with Bamboo over SSL behind the scenes as well. This works because then Bamboo is expecting to work with the https scheme and redirects or generated links don't keep switching back to http://.

1 answer

The jetty.xml I am using is below. I am using a self-signed certificate created with keytool. I am not certain if it is necessary to serve bamboo on the unsecured port (8085) but it serves on ssl over 8086. Neither of these ports is accessible externally via my firewall. Apache connects to the service on the 8086 port.

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
    <Call name="addConnector">  
            <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">  
                <Set name="host"><Property name="" /></Set>  
                <Set name="port"><Property name="jetty.port" default="8085"/></Set>  
                <Set name="confidentialPort"><SystemProperty name="jetty.ssl.port" default="8086"/></Set>
                <Set name="IntegralPort">8086</Set>
    <Call name="addConnector">
            <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
                <Set name="host"><Property name="" /></Set>
                <Set name="port"><Property name="jetty.port" default="8086"/></Set>
                <Set name="Keystore"><SystemProperty name="jetty.home" default="."/>/keystore</Set>
                <Set name="Password">password</Set>
                <Set name="KeyPassword">password</Set>
    <Call name="setHandler">
            <New class="org.eclipse.jetty.webapp.WebAppContext">
                <Arg name="webApp">
                    <SystemProperty name="bamboo.webapp" default="../webapp"/>
                <Arg name="contextPath">/bamboo</Arg>
                <Set name="defaultsDescriptor">webdefault.xml</Set>
                <Get name="sessionHandler">
                    <Set name="sessionManager">
                        <New class="org.eclipse.jetty.server.session.HashSessionManager">
                            <Set name="httpOnly">true</Set>        <!-- use M$ http only cookies? -->

Doesn't work for me

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted yesterday in Canada

Happy New Year - First AUG of the year - great success

Hi Everyone, Hope everyone had a great holiday season and is ready for an exciting 2019.  We had our first AUG last night featuring Tempo Timesheets.  A great presentation and lots of int...

17 views 0 1
View post

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you